The Internet connects millions of nodes located around the world. With the click of a button, a user in one part of the world can access a file on another computer thousands of miles away. In addition, the Internet has facilitated the exchange of information in the form of electronic messages known as email. Although, first used to transfer short text messages, email can now be used to send digital pictures, sound files, documents, spreadsheets, executable programs, and other electronic files. Sending such files can be easy as attaching them to an email message and clicking a send button.
Due in part to the ease of transmitting information, there has been exploitation of the technology for unintended purposes. One of the first well-publicized cases of exploitation involved using email servers to propagate a program. Once an email server became “infected” with the program, it would send email messages containing the program to other email servers that it was aware of. Like a virus, the program spread from email server to email server with amazing speed. Although the program did not erase files or harm data on the email servers, because of the volume of email messages sent by the infected email servers, the program caused retrieval of email messages from email servers to slow to an excruciating pace.
Now, the news reports virus-like programs (hereinafter “exploits”) on an almost daily basis. Some of these exploits are relatively benign; others destroy data or capture sensitive information. Unless properly protected against, these exploits can bring a company's network or email system to its knees or steal sensitive information, even if only a few computers are infected.
The most prevalent method for dealing with these exploits is to install virus protection software on every computer. As soon as a version of virus protection software is released, those seeking to circumvent the exploit protection software create new exploits that are not recognized by the virus protection software. This prompts virus protection software developers to create updates for their virus protection software to detect these new exploits. Previously, updating the virus protection software on each computer required obtaining the updates on disk and individually installing the update. Now, virus protection software allows computer users to download updates using the Internet. Since installing updates requires effort on the part of each user (or a computer support team), quite often the virus protection software is not brought up-to-date on every computer. In addition, there is often a significant delay between the introduction of a new virus and the creation and distribution of an update aimed to protect against the new virus. Additionally, virus protection software typically does not protect against the more general class of virus-like programs known as exploits.